Dynata

VP, Security & Compliance

Dynata$200K — $220K *
US-Anywhere
+ 2 other locationsRemote
Information Technology
11 - 15 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Computer Science, IT/Systems, Cybersecurity, or a related field; Graduate degree is desirable.
  • 15+ years of progressive experience in Information Security or Cybersecurity.
  • 5+ years in a leadership role managing security and compliance teams of 6 or more.
  • Experience in AI/ML security, particularly with model risk management frameworks.
  • Deep expertise in cloud security across AWS, Azure, and GCP.
  • Proven track record of running compliance audits like SOC 2, ISO 27001 without just support.

Responsibilities

  • Own the enterprise security strategy, prioritizing investment and aligning controls with business goals.
  • Establish a Zero Trust architecture across multi-cloud environments.
  • Oversee threat intelligence and incident response programs.
  • Build AI security governance frameworks for AI/ML initiatives.
  • Manage compliance certifications and monitor regulatory developments.
  • Lead Dynata's Security Operations Center (SOC) for continuous improvement and audit readiness.
  • Serve on governance committees to influence data and AI risk management policies.

Benefits

  • Comprehensive medical benefits package.
  • Discretionary incentive program based on performance.
  • Support for professional certifications like CISSP and CCSP.
Full Job Description
THE OPPORTUNITY

Dynata is hiring a VP of Security & Compliance to own and evolve our enterprise security posture at a pivotal moment: we are scaling AI-driven infrastructure, migrating legacy platforms to cloud-native architectures, and hardening compliance controls across a global, highly regulated data environment.

Reporting directly to the SVP of Infrastructure & Corporate Applications, you will lead a team of 6-15 security and compliance professionals, serve as the company's senior-most security executive, and operate as a strategic partner to the CTO, Legal, and Board. This is a high-visibility, high-impact role for a leader who combines deep technical security expertise with fluency in AI risk, regulatory compliance, and executive communication.

Candidates with backgrounds in banking, financial services, or Fortune 500 data-intensive environments are strongly preferred - where AI governance, model risk, and regulatory scrutiny are already embedded in the security culture.

This role carries formal committee responsibilities: the VP will serve as a standing member of Dynata's Data Governance Committee and AI Governance Committee, and will participate in strategic task forces as designated by senior leadership. The ideal candidate is located in the Eastern or Central time zone to ensure alignment with core business hours and cross-functional collaboration.

KEY RESPONSIBILITIES

Security Strategy & Governance
Own Dynata's enterprise security strategy - define the roadmap, prioritize investment, and align security controls with business objectives across cloud, corporate applications, and data platforms.
Establish and maintain a Zero Trust security architecture spanning AWS, Azure, and GCP environments.
Oversee threat intelligence, vulnerability management (CVE reduction), and incident response programs.
Drive Cloud Security Hardening initiatives and set security standards within the Cloud Center of Excellence (CCoE).

AI Security & Risk Management
Build and own Dynata's AI Security governance framework - establish policies, controls, and risk guardrails for the company's growing AI/ML portfolio including MS Fabric, Snowflake, Copilot, and LLM-based tools.
Lead AI risk assessment and model governance aligned with NIST AI RMF, EU AI Act, and emerging regulatory requirements.
Define controls for LLM-specific threats: prompt injection, data exfiltration via AI, model inversion, and adversarial inputs.
Partner with the EDMS and Engineering teams to embed AI security-by-design in DataHub, lakehouse architectures, and AI product development.

Compliance & Regulatory Oversight
Own and manage all major compliance certifications and audits: SOC 2 Type II, ISO 27001, GDPR, CCPA/CPRA, and HIPAA where applicable.
Monitor the regulatory landscape - proactively identify and respond to emerging privacy and AI regulation in the US and EU.
Manage third-party and vendor risk management programs across Dynata's technology supply chain.
Partner with Legal and Finance to respond to client security questionnaires, audits, and contractual security requirements.

Security Operations Center (SOC) & Audit Management
Own and manage Dynata's Security Operations Center (SOC) - including 24/7 monitoring coverage, alert triage, escalation protocols, and continuous improvement of detection and response capabilities.
Lead all internal and external security audits - coordinate audit preparation, evidence collection, control testing, and finding remediation across all compliance frameworks (SOC 2, ISO 27001, GDPR, CCPA).
Manage relationships with external auditors, assessors, and penetration testing partners; ensure audit readiness is a continuous state, not a seasonal event.
Drive SIEM/SOAR optimization - tune alerting, reduce false positives, and improve analyst efficiency across Splunk, Microsoft Sentinel, CrowdStrike, or equivalent platforms.
Establish SOC KPIs and SLAs: MTTD, MTTR, alert-to-ticket ratio, and analyst utilization - reported to leadership monthly.

Governance Committees & Strategic Leadership
Serve as a standing member of Dynata's Data Governance Committee - providing the security and privacy lens on data classification, access policies, retention standards, and data lineage across the enterprise.
Serve as a standing member of Dynata's AI Governance Committee - defining AI risk thresholds, responsible AI standards, and security controls for all AI/ML models and agents moving into production.
Participate in strategic task forces as designated by senior leadership - contributing security expertise to emerging initiatives, M&A due diligence, vendor evaluations, and regulatory response efforts.
Represent security interests in the Cloud Center of Excellence (CCoE) - ensuring that cloud architecture decisions are made with security guardrails built in from day one.

Cross-Functional Partnership - Product, Engineering & Technology
Partner with Product and Engineering teams to embed security into the software development lifecycle (SDLC) - from threat modeling and secure design reviews through code scanning, staging validation, and production release gates.
Collaborate with Technology leadership (Cloud Ops, EDMS, Corporate Applications) to ensure security controls are woven into platform architecture, data pipelines, and enterprise application rollouts - not bolted on after the fact.
Serve as the trusted security advisor for all major technology programs - including D365 CE/F&O, MS Fabric/Lakehouse, Dynata+ Phase 3, and inBrain Azure migration - providing risk assessments and go/no-go input at key milestones.
Engage with front-end and application teams to assess and remediate security risks in web applications, APIs, and customer-facing platforms - including penetration testing oversight and vulnerability triage coordination.

Team Leadership & Culture
Recruit, develop, and retain a high-performing Security & Compliance team of 6-15 FTEs.
Foster a security-first culture across Technology Operations and the broader organization through training, awareness programs, and executive engagement.
Present to executive leadership and the board - deliver quarterly security posture reviews, risk dashboards, and compliance status updates with clarity, confidence, and business context.
Serve as the executive sponsor for security in cross-functional programs including BOS 162; D365 migration, inBrain Azure migration, and Dynata+ Phase 3.

  QUALIFICATIONS & EXPERIENCE

Education
• Bachelor's degree in computer science, Information Technology/Systems, Cybersecurity or related field
• Graduate Degree desirable, but not required

Experience
15 years of progressive experience in Information Security, Cybersecurity, or a related discipline.
5+ years in a people-management role leading security and/or compliance teams of 6 or more.
Proven track record building or maturing security programs at a Fortune 500, PE-backed, or highly regulated company (banking, financial services, healthcare, or large-scale data/tech platforms strongly preferred).
Hands-on AI/ML security experience: securing LLM deployments, generative AI products, or data science environments - ideally including model risk management frameworks from financial services.
Deep cloud security expertise across AWS, Azure, and/or GCP - including cloud-native security tooling, IAM, and multi-cloud governance.
Strong compliance program ownership: SOC 2, ISO 27001, GDPR, CCPA - you've run the audits, not just supported them.

Technical Expertise
SIEM / SOAR platforms: hands-on experience with CrowdStrike Falcon (EDR, OverWatch, Identity Protection), Splunk, Microsoft Sentinel, or equivalent - including rule tuning, playbook development, and SOC workflow automation.
DLP (Data Loss Prevention): deep familiarity with enterprise DLP tooling (e.g., Microsoft Purview, Symantec DLP, Forcepoint) - policy design, incident investigation, and integration with broader data classification frameworks.
Vulnerability management: end-to-end CVE lifecycle - scanning, prioritization, patch coordination, and executive-level reporting.
AI/ML security: NIST AI RMF, adversarial ML, LLM security controls, model inversion, and data poisoning defense.
Data architecture fluency: working understanding of modern data platforms (cloud data lakes, lakehouses, Snowflake, MS Fabric, relational and NoSQL databases) - sufficient to assess data flow risks, classify sensitive assets, and engage credibly with data engineering teams.
Front-end platforms & enterprise applications: familiarity with security considerations for SaaS/enterprise app stacks - including CRM/ERP (e.g., D365, HubSpot, Workday), web applications, and API security - enabling effective partnership with Corporate Applications teams.
Cloud security tooling: AWS Security Hub, Microsoft Defender for Cloud, GCP Security Command Center, CSPM/CWPP platforms.
Claude Cowork (Anthropic): direct, hands-on experience using Claude Cowork for enterprise task automation, document intelligence, and AI-assisted workflows - enabling the candidate to credibly govern, audit, and set guardrails for AI productivity tools deployed across the organization.

Certifications
CISSP (Certified Information Systems Security Professional) - strongly preferred; candidates without CISSP must hold CISM, CISA, or equivalent and commit to CISSP within 18 months of hire.
CCSP (Certified Cloud Security Professional) - a strong plus given Dynata's multi-cloud environment.
AI security or governance certification (e.g., NIST AI RMF Practitioner, Google Cloud Security) - valued given the AI governance committee responsibilities.
CRISC, CGEIT, or similar risk management credentials - welcomed.

Leadership & Soft Skills
Executive presence & communication: comfortable presenting to C-suite, board members, and external stakeholders - translating complex security risk into clear business language, defensible recommendations, and compelling narratives. You inform decisions, you don't just report status.
Cross-functional partnership: proven ability to partner effectively with Product, Engineering, and Technology teams - embedding security into the SDLC, product roadmaps, and platform architecture without becoming a bottleneck.
Strategic thinker who can balance long-term security architecture with near-term operational realities and shifting business priorities.
Collaborative influencer - this role succeeds through influence, trust, and shared ownership across teams, not authority alone.
Mission-driven: a genuine passion for protecting data, earning customer trust, and building a security culture that people believe in - not just comply with.

The base salary range for this position in is $200K-$220K/yr; however, base pay offered may vary depending on location, job-related knowledge, skills, and experience. A discretionary incentive program may be provided as part of the compensation package, in addition to a full range of medical and other benefits, dependent on full-time employment status

About Dynata

Dynata is a global data and survey research company that provides data-driven insights to help businesses make informed decisions. The company offers a range of services, including market research, polling, and data analytics. Dynata has a presence in over 100 countries and serves clients in a variety of industries, including healthcare, finance, and technology. The company was founded in 2018 and is headquartered in Plano, Texas.
Learn more about Dynata
Size
1,500 employees
Industry

Similar Jobs

More Jobs at Dynata

More Information Technology Jobs

Find similar VP, Security & Compliance jobs: